package com.security.controller;

import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class TestController {

    @PostMapping("/main")
    @Secured("ROLE_admin")
    @PreAuthorize("hasAnyRole('ROLE_admin')")
    public String toMain(){
      return "/main.html";
    }
}
